webflow-webhooks-events

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill receives and processes Webflow webhook payloads (see SKILL.md Step 2: the /webhooks/webflow endpoint and Step 3 event router handling triggerTypes like form_submission and collection_item_created), which are user-generated/untrusted content that the code parses and uses to drive actions (forward to CRM, create invoices, update systems), so third-party content can materially influence behavior.